Update CHANGELOG.

Mark the token as expired, because invalid gives no clue of what to do next.
2026-01-12 16:28:05 -05:00 · 2011-04-21 19:19:35 +02:00 · 2011-04-21 19:18:40 +02:00
5 changed files with 9 additions and 3 deletions
--- a/CHANGELOG.rdoc
+++ b/CHANGELOG.rdoc
@@ -1,3 +1,8 @@
+== 1.3.3
+
+* bug fix
+  * Explicitly mark the token as expired if so
+
 == 1.3.2

 * bug fix
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -3,6 +3,7 @@
 en:
  errors:
    messages:
+      expired: "has expired, please request a new one"
      not_found: "not found"
      already_confirmed: "was already confirmed, please try signing in"
      not_locked: "was not locked"
--- a/lib/devise/models/recoverable.rb
+++ b/lib/devise/models/recoverable.rb
@@ -116,7 +116,7 @@ module Devise
            if recoverable.reset_password_period_valid?
              recoverable.reset_password!(attributes[:password], attributes[:password_confirmation]) 
            else
-              recoverable.errors.add(:reset_password_token, :invalid)
+              recoverable.errors.add(:reset_password_token, :expired)
            end
          end
          recoverable
--- a/lib/devise/version.rb
+++ b/lib/devise/version.rb
@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "1.3.2".freeze
+  VERSION = "1.3.3".freeze
 end
--- a/test/models/recoverable_test.rb
+++ b/test/models/recoverable_test.rb
@@ -192,7 +192,7 @@ class RecoverableTest < ActiveSupport::TestCase

      assert user.valid_password?(old_password)
      assert_not user.valid_password?('new_password')
-      assert_equal "is invalid", reset_password_user.errors[:reset_password_token].join
+      assert_equal "has expired, please request a new one", reset_password_user.errors[:reset_password_token].join
    end
  end
Author	SHA1	Message	Date
José Valim	39b59142ea	Update CHANGELOG.	2011-04-21 19:19:35 +02:00
José Valim	624fb566fb	Mark the token as expired, because invalid gives no clue of what to do next.	2011-04-21 19:18:40 +02:00